diff options
| author | Matthieu Huin <mhu@enovance.com> | 2014-07-18 19:18:25 +0200 |
|---|---|---|
| committer | Matthieu Huin <mhu@enovance.com> | 2014-10-09 12:34:47 +0200 |
| commit | 0c77a9fe8baa4df9ea2d0055db9c700af3cae310 (patch) | |
| tree | 5ad4edc96382e322774af1bcadf90064612b1b78 /openstackclient/identity | |
| parent | 866965f0111db09cda0a7d983eb60b0287fe8727 (diff) | |
| download | python-openstackclient-0c77a9fe8baa4df9ea2d0055db9c700af3cae310.tar.gz | |
Support for keystone auth plugins
This patch allows the user to choose which authentication plugin
to use with the CLI. The arguments needed by the auth plugins are
automatically added to the argument parser. Some examples with
the currently available authentication plugins::
OS_USERNAME=admin OS_PROJECT_NAME=admin OS_AUTH_URL=http://keystone:5000/v2.0 \
OS_PASSWORD=admin openstack user list
OS_USERNAME=admin OS_PROJECT_DOMAIN_NAME=default OS_USER_DOMAIN_NAME=default \
OS_PROJECT_NAME=admin OS_AUTH_URL=http://keystone:5000/v3 OS_PASSWORD=admin \
OS_IDENTITY_API_VERSION=3 OS_AUTH_PLUGIN=v3password openstack project list
OS_TOKEN=1234 OS_URL=http://service_url:35357/v2.0 \
OS_IDENTITY_API_VERSION=2.0 openstack user list
The --os-auth-plugin option can be omitted; if so the CLI will attempt to
guess which plugin to use from the other options.
Change-Id: I330c20ddb8d96b3a4287c68b57c36c4a0f869669
Co-Authored-By: Florent Flament <florent.flament-ext@cloudwatt.com>
Diffstat (limited to 'openstackclient/identity')
| -rw-r--r-- | openstackclient/identity/client.py | 21 |
1 files changed, 6 insertions, 15 deletions
diff --git a/openstackclient/identity/client.py b/openstackclient/identity/client.py index a43b50e3..bc10a6d2 100644 --- a/openstackclient/identity/client.py +++ b/openstackclient/identity/client.py @@ -16,9 +16,9 @@ import logging from keystoneclient.v2_0 import client as identity_client_v2_0 +from openstackclient.api import auth from openstackclient.common import utils - LOG = logging.getLogger(__name__) DEFAULT_IDENTITY_API_VERSION = '2.0' @@ -47,16 +47,15 @@ def make_client(instance): # TODO(dtroyer): Something doesn't like the session.auth when using # token auth, chase that down. if instance._url: - LOG.debug('Using token auth') + LOG.debug('Using service token auth') client = identity_client( endpoint=instance._url, - token=instance._token, + token=instance._auth_params['token'], cacert=instance._cacert, - insecure=instance._insecure, - trust_id=instance._trust_id, + insecure=instance._insecure ) else: - LOG.debug('Using password auth') + LOG.debug('Using auth plugin: %s' % instance._auth_plugin) client = identity_client( session=instance.session, cacert=instance._cacert, @@ -66,7 +65,6 @@ def make_client(instance): # so we can remove it if not instance._url: instance.auth_ref = instance.auth.get_auth_ref(instance.session) - return client @@ -81,14 +79,7 @@ def build_option_parser(parser): help='Identity API version, default=' + DEFAULT_IDENTITY_API_VERSION + ' (Env: OS_IDENTITY_API_VERSION)') - parser.add_argument( - '--os-trust-id', - metavar='<trust-id>', - default=utils.env('OS_TRUST_ID'), - help='Trust ID to use when authenticating. ' - 'This can only be used with Keystone v3 API ' - '(Env: OS_TRUST_ID)') - return parser + return auth.build_auth_plugins_option_parser(parser) class IdentityClientv2_0(identity_client_v2_0.Client): |